Overview
This page contains advanced AFS commands and the options you can use with them, plus examples on how to use some of them.
fs --- File Commands
| fs apropos | search by help text |
| fs checkservers | check local cell's servers |
| fs checkvolumes | check volumeID/name mappings |
| fs cleanacl | clean up access control list |
| fs copyacl | copy access control list |
| fs debug | set debugging info |
| fs diskfree | show server disk space usage |
| fs examine | display volume status |
| fs exportafs | enable/disable translators to AFS |
| fs flush | flush file from cache |
| fs flushvolume | flush all data in volume |
| fs getcacheparms | get cache usage info |
| fs getcellstatus | get cell status |
| fs getserverprefs | get file server ranks |
| fs help | get help on commands |
| fs listacl | list access control list |
| fs listcells | list configured cells |
| fs listquota | list volume quota |
| fs lsmount | list mount point |
| fs messages | control Cache Manager messages |
| fs mkmount | make mount point |
| fs monitor | set cache monitor host address |
| fs newcell | configure new cell |
| fs quota | show volume quota usage |
| fs rmmount | remove mount point |
| fs setacl | set access control list |
| fs setcachesize | set cache size |
| fs setcell | set cell status |
| fs setquota | set volume quota |
| fs setserverprefs | set file server ranks |
| fs setvol | set volume status |
| fs sysname | get/set sysname (i.e. @sys) value |
| fs whereis | list file's location |
| fs whichcell | list file's cell |
| fs wscell | list workstation's cell |
Some fairly useful commands:
- Check which servers are down: fs checkservers
- Obtaining the Cache Size: fs getcacheparms
- Flushing Files: fs flush filename
- Brief Volume Information: fs lq path
- Find Volume Information: fs whereis path
pts --- Group Commands
| pts adduser | add a user to a group |
| pts apropos | search by help text |
| pts chown | change ownership of a group |
| pts creategroup | create a new group |
| pts createuser | create a new user |
| pts delete | delete a user or group from database |
| pts examine | examine an entry |
| pts help | get help on commands |
| pts listmax | list max id |
| pts listowned | list groups owned by an entry or zero id gets orphaned groups |
| pts membership | list membership of a user or group |
| pts removeuser | remove a user from a group |
| pts rename | rename user or group |
| pts setfields | set fields for an entry |
| pts setmax | set max id |
vos --- Server Commands
| vos addsite | add a replication site |
| vos apropos | search by help text |
| vos backup | make backup of a volume |
| vos backupsys | en masse backups |
| vos changeaddr | change the IP address of a file server |
| vos create | create a new volume |
| vos delentry | delete VLDB entry for a volume |
| vos dump | dump a volume |
| vos examine | everything about the volume |
| vos help | get help on commands |
| vos listpart | list partitions |
| vos listvldb | list volumes in the VLDB |
| vos listvol | list volumes on server (bypass VLDB) |
| vos lock | lock VLDB entry for a volume |
| vos move | move a volume |
| vos partinfo | list partition information |
| vos release | release a volume |
| vos remove | delete a volume |
| vos remsite | remove a replication site |
| vos rename | rename a volume |
| vos restore | restore a volume |
| vos status | report on volser status |
| vos syncserv | synchronize server with VLDB |
| vos syncvldb | synchronize VLDB with server |
| vos unlock | release lock on VLDB entry for a volume |
| vos unlockvldb | unlock all the locked entries in the VLDB |
| vos zap | delete the volume, don't bother with VLDB |
Some fairly useful commands:
- Listing Volume Attributes: vos examine [volume], i.e. vos examine user.frank or even vos examine user. frank.backup
- Listing Partition Info: vos partinfo
- Volume Info: vos examine sun4c_411.pubsw.bin
(after finding the exactly name from fs lq /usr/pubsw/bin
kas --- System Administration Commands
| kas apropos | search by help text |
| kas create | create an entry for a user |
| kas debuginfo | show debugging info from AuthServer |
| kas delete | delete a user |
| kas examine | examine the entry for a user |
| kas forgetticket | delete ticket for a specific server |
| kas getpassword | get a user's password |
| kas getrandomkey | get a random key |
| kas getticket | get a ticket for a specific server |
| kas help | get help on commands |
| kas interactive | enter interactive mode |
| kas list | list all users in database |
| kas listtickets | show all cache manager tickets |
| kas noauthentication | connect to AuthServer w/o using token |
| kas quit | exit program |
| kas setfields | set various fields in a user's entry |
| kas setkey | set a user's key |
| kas setpassword | set a user's password |
| kas statistics | show statistics for AuthServer |
| kas stringtokey | convert a string to a key |
| kas unlock | Enable authentication ID after max failed attempts exceeded |
More file permissions
The files contained within your AFS home directory use both AFS and Unix file permissions. The only Unix (NFS) permissions which are still applicable under AFS, however, are permissions for the user. Unix permissions on directories are not used.
- value -- permission code
- 400 -- r (Read)
- Allows user with AFS read access (rl) to the directory to read or copy the file.
- 200 -- w (Write)
- Allows user with AFS write access (wl) to modify or overwrite a file. Does NOT determine whether a user can delete the file, however. AFS delete (d) permission on the directory does that.
- 100 -- x (Execute)
- Allows user with AFS read access (rl) to execute the file
For example, to give read and execute permission to a file named [filename], type either of the following:
chmod 500 [filename]
chmod u+rx [filename]
The first command uses the numeric code (read + execute = 400 + 100 = 500); the second command uses the letter code (user plus read execute).
For more info on Unix permissions, read the man page for chmod (type "man chmod") and ls. The command "ls -l" will display the Unix permissions for the files. The command "fs la" will display the AFS permissions for the files. They are not the same thing.
Mounting volumes to recover files
Between midnight and 3 AM each night, a backup image of your account is made. If you delete or modify a file in an AFS volume, you may be able to retrieve the file if it existed when the backup image was made. NOTE: Under most circumstances, you should be able to just go into your .backup directory and copy whatever file you need from there directly, without going through the following steps. However, sometimes the volume containing the backup is not mounted. If this is the case, the command:
fs mkmount ~/.backup user.$USER.backup
will mount your backup volume in the directory named .backup in your home directory. You can use a name other ~/.backup if you want. To unmount the volume, type:
fs rmmount ~/.backup
You don't need to unmount it: files in .backup do not count against your disk quota usage.
The backup volume (user.$USER.backup) is a read-only copy of your account. You cannot remove or alter files in the backup volume, and file changes made after the last backup but before the next backup are not available. To restore a file, you must copy the file from the backup volume to your account.
Suppose you delete the file ~/Mail/incoming. The following commands may recover it (assuming you have sufficient quota and you do it in time):
cd
fs mkmount ~/.backup user.$USER.backup
cp ~/.backup/Mail/incoming ~/Mail/incoming.bak
fs rmmount ~/.backup
The recovered file would be named incoming.bak in the Mail directory.
Groups
Maintaining groups -- Using the pts command
One neat thing about AFS is that you can create your own groups and grant permissions for individual AFS usernames. To be in a group or individually listed in an ACL, a person needs to have a SUNet ID.
The command pts and its suite of subcommands allows you to create your own groups. Suppose your SUNet ID was "sunetid". Here is a list of common pts commands:
Creates a private group named sunetid:groupname
pts creategroup sunetid:groupname
Adds a user to the group sunetid:groupname (you must own the group)
pts adduser [username] sunetid:groupname
Remove user from the group sunetid:groupname
pts removeuser [username] sunetid:groupname
Delete the group sunetid:groupname from existence
pts delete sunetid:groupname
For a given directory, you can add a group to the acl. For example:
fs sa project sunetid:project read
pts Help, Shortcuts, And Tidbits
As expected, the pts commands have help options and abbreviations. See the man page for pts. You can also type:
| pts help | lists pts commands |
| pts [subcommand] -help | lists syntax for pts subcommand |
Other useful pts commands are:
| pts membership [groupname] | lists members of the group [groupname] |
| pts listowned <sunetid> | lists groups owned by the user <sunetid> |
File system layout
Paths in AFS
- /afs - base of AFS file system
- /afs/ir.stanford.edu (/afs/ir) - base of our cell
- /afs/ir/pubsw - campus software packages
- /afs/ir/systems - OS mount points
- /afs/ir/class - academic file space
- /afs/ir/group - organization file space
- /afs/ir/users - personal account space
/usr/pubsw
$ cardinal1:~ > ls /usr/pubsw
| X@ | apps/ | etc/ | include/ | man@ | share@ |
| X11R5/ | bin/ | examples@ | info@ | package/ | src@ |
| X11R6/ | doc@ | help/ | lib/ | sbin/ |
$ ls /usr/pubsw/package
| 00README | File/ | Licensed/ | NOTES/ | Shells/ | Web/ |
| Development/ | Fonts/ | Local/ | Network/ | Site/ | X/ |
| Dicts/ | Games/ | Mail/ | News/ | Sound/ | local@ |
| Doc/ | Graphics/ | Math/ | OLD/ | System/ | nosupport@ |
| Editors/ | Leland/ | Misc/ | Security/ | Text/ | unfiled/ |
Common sysnames (@sys)
- sun4x_58: Sun Solaris 8 (elaine, epic, saga, amy, fable, junior, tree).
- i386_linux24: Linux 2.4 kernel (firebird, raptor, cardinal).
- hpux_110: HP-UX 11.0 (pubsw & afs support)
- rs_aix43: IBM AIX 4.3 (pubsw & afs support)
- alpha_dux40: Digital Unix 4.0 (pubsw & afs support)
